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DETAILED ACTION 

Acknowledgments 

1. Applicants' amendment/argument filed on February 19, 2009 is acknowledged. 
Accordingly claims 5, 8-12, and 51-59 remain pending. 

Response to Arguments 

2. Applicant's arguments filed February 19, 2009 have been fully considered but 
they are not persuasive. 

3. With respect to claims 5 and 57 , Applicant argues that these claims include at 
least "t least one of editing and removing at least a portion of said executable 
commands such that said executable commands still remain in said trusted portion, but 
cannot be executed by said network client, wherein if editing, said editing of said 
executable commands comprises replacing particular characters within said executable 
commands." That Kuo teaches standardizing whitespace characters before scanning 
not during or after scanning. Thus Kuo does not accomplish "at least one of editing and 
removing at least a portion of said executable commands." 

In response, Examiner respectfully disagrees and submits that Kuo do disclose 
or suggest "at least one of editing and removing at least a portion of said executable 
commands." Virus codes are generally executable files or scripts that attach itself to text 
files. By editing the text files and removing the whitespaces, the code or script is being 
edited as well and that's why the virus signature can be found. Alternatively, Ji does 
insert special code sequence before and after each problematic instruction (col. 3, lines 
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10-55, which discloses that the instrumentation involves altering suspicious instructions 
such as by adding code or altering the suspicious instructions by replacing any 
suspicious instructions with other instructions) and this can only be accomplished by 
modifying or editing the problematic code. Furthermore the recitation "...such that said 
executable commands still remain in said trusted portion, but cannot be executed by 
said network client, wherein if editing, said editing of said executable commands 
comprises replacing particular characters within said executable commands" constitutes 
an intended use limitation. Applicant is reminded that, a recitation of the intended use of 
the claimed invention must result in a structural difference between the claimed 
invention and the prior art in order to patentably distinguish the claimed invention from 
the prior art. If the prior art structure is capable of performing the intended use, then it 
meets the claim. Applicant is further reminded that the limitation "to find executable 
commands inserted by an unwanted party, said executable commands being 
associated with a selected programming language, wherein said trusted portion is a 
subset of said network server" also constitutes an intended use limitation and therefore 
fails to positively recite a method step. 

4. Applicant further argues that Kuo invention removes and/or modifies whitespace 
characters only not portions of the executable command themselves. Kuo contains no 
disclosure or contemplation of modifying the executable command itself. 

In response, Examiner respectfully disagrees and submits that virus code or 
scripts are generally executable code that attach itself to text files or boot sectors of the 
computer storage mediums such as hard drives. By editing the text files infested with 
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the virus code or script, the code or script is being edited as well and that's why the 
virus signature can be found. Even if this explanation is found wanting, then Ji does 
insert special code sequence before and after each problematic instruction (col. 3, lines 
10-45) and this can only be accomplished by modifying or editing the problematic code. 
Applicant is reminded that, a recitation of the intended use of the claimed invention must 
result in a structural difference between the claimed invention and the prior art in order 
to patentably distinguish the claimed invention from the prior art. If the prior art 
structure is capable of performing the intended use, then it meets the claim. 

5. Applicant further argues that Kuo's standardization operation does not render the 
executable command such that it, at least "cannot be executed by the network client." 

In response, Examiner asserts that while Kuo may be silent as regards to above, 
Ji made it clear that if the security policy (which has been pre-established) is violated, 
that particular instruction which violates the security policy is not executed (col. 3, lines 
10-55). Furthermore, Applicant is reminded that, a recitation of the intended use of the 
claimed invention must result in a structural difference between the claimed invention 
and the prior art in order to patentably distinguish the claimed invention from the prior 
art. If the prior art structure is capable of performing the intended use, then it meets the 
claim. 

6. Applicant further argues that although Ji teaches insertion of code near 
problematic code, Ji does not teach modification of the problematic code itself. 

In response, Examiner respectfully disagrees and submits that Ji modifies the 
problematic code by inserting special code before and after each problematic 
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instruction. The interpretation of inserting special code before and after each 
problematic code does not translate to near the problematic code as Applicant appear 
to argue. 

7. With respect to dependent claims 8-12. and 51-56 , Applicant argues that these 
claims are patentable for at least the same reasons as differentiating the independent 
claim 5 as well as in view of their own respective features. 

In response Examiner disagrees and submits that dependent claims 8-12 and 
51 -56 are not patentable either for being dependent from claim 1 nor for their own 
individual recited features. 

Claim Rejections - 35 USC § 103 

8. The following is a quotation of 35 U.S.C. 1 03(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

9. Claims 5, 8-12 and 51-57 , are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Kuo et al (hereinafter "Kuo"), US Patent No. 6,230,288 B1 in view of 
Ji, US Patent No. 6,272,641 B1. 



10. As per claims 5 and 57 , Kuo discloses a method for protecting a network server 
from being used as the basis of an attack on a network client, the method comprising: 
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scanning a trusted portion of said network server to find executable commands 
inserted by an unwanted party, said executable commands being associated with a 
selected programming language, wherein said trusted portion is a subset of said 
network server; and, 

at least one of editing and removing at least a portion of said executable 
commands such that said executable commands still remain in said trusted portion, but 
cannot be executed by said network client, wherein if editing, said editing of said 
executable commands comprises replacing particular characters within said executable 
commands (col. 2, lines 25-40; see col. 5, lines 20-40, which discloses that the 
SCAN. EXE performs a whitespace transformation on the text file by replacing each of 
the various whitespace sequences found in the text file with a common whitespace 
sequence, e.g. a single whitespace character such as a space). 

1 1 . What Kuo does not explicitly disclose is: 

scanning a trusted portion of said network server to find executable commands 
inserted by an unwanted party, said executable commands being associated with a 
selected programming language, wherein said trusted portion is a subset of said 
network server 

12. Ji discloses scanning a trusted portion of said network server to find executable 
commands inserted by an unwanted party, said executable commands being 
associated with a selected programming language, wherein said trusted portion is a 
subset of said network server (see fig. 1, which discloses "scanner"; col. 3 lines 10-45, 
which discloses that the applets are statically scanned at the server by the scanner 
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looking for particular instructions which may be problematic in a security context. The 
identified problematic instructions are then each instrumented, e.g. special code is 
inserted before and after each problematic instruction, where the special code calls 
respectively a prefilter and a post filter ...the instrumentation involves replacing the 
problematic instruction with another instruction...) 

Accordingly, it would have been obvious to one of ordinary skill in the art at the 
time of the invention to modify Kuo to incorporate scanning a trusted portion of said 
network server to find executable commands inserted by an unwanted party, said 
executable commands being associated with a selected programming language, 
wherein said trusted portion is a subset of said network server, in view of the teachings 
of Ji since the claimed invention is merely a combination of old and known elements 
and in the combination each element would have performed the same function as it did 
separately, and one of ordinary skill in that art would have recognized that the results of 
the combination were predictable. 

13. As per claim 8 . Kuo failed to explicitly disclose the method, further comprising 
rejecting a request when said request contains said executable command having a 
hostile character. 

Ji discloses the further comprising rejecting a request when said request contains 
said executable command having a hostile character (col. 3, lines 20-45, which 
discloses that if the security policy is violated the particular instruction which violates the 
security policy is not executed...). 
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Accordingly, it would have been obvious to one of ordinary skill in the art at the 
time of the invention to modify Kuo to incorporate the method, further comprising 
rejecting a request when said request contains said executable command having a 
hostile character in view of the teachings of Ji since the claimed invention is merely a 
combination of old and known elements and in the combination each element would 
have performed the same function as it did separately, and one of ordinary skill in that 
art would have recognized that the results of the combination were predictable. 

14. As per claim 9, Kuo further discloses the method, further comprising logging 
said executable commands to form a security log (col. 2, lines 45-55; col. 8, lines 1-10). 

15. As per claim 10 , Kuo further discloses the method, further comprising reviewing 
said security log to determine whether said executable commands are hostile (col. 6, 
lines 55-65). 

16. As per claim 51 . Kuo further discloses the method, wherein the executable 
commands cause an unwanted action when executed (col. 2, lines 55-65). 



17. As per claim 52 . Kuo further discloses the method, wherein the executable 
commands are malicious (col. 1, lines 35-50). 
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18. As per claim 53 , Kuo further discloses the method, further comprising receiving a 
request for connection at said network server from network client 

Ji discloses the method, further comprising receiving a request for connection at 
said network server from network client (col. 2, lines 45-60). 

Accordingly, it would have been obvious to one of ordinary skill in the art at the 
time of the invention to modify Kuo to incorporate the method, further comprising 
receiving a request for connection at said network server from network client in view of 
the teachings of Ji since the claimed invention is merely a combination of old and known 
elements and in the combination each element would have performed the same 
function as it did separately, and one of ordinary skill in that art would have recognized 
that the results of the combination were predictable. 

19. As per claim 54 , Kuo failed to explicitly disclose the method, further comprising 
verifying that a response from said network server to said network client is void of said 
executable commands 

Ji disclose the method, further comprising verifying that a response from said 
network server to said network client is void of said executable commands (col. 3, lines 
35-45). 

Accordingly, it would have been obvious to one of ordinary skill in the art at the 
time of the invention to modify Kuo to incorporate the method, further comprising 
verifying that a response from said network server to said network client is void of said 
executable commands in view of the teachings of Ji since the claimed invention is 
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merely a combination of old and known elements and in the combination each element 
would have performed the same function as it did separately, and one of ordinary skill in 
that art would have recognized that the results of the combination were predictable. 

20. As per claim 55 , Kuo failed to explicitly disclose the method, further comprising 
providing said response from said network server to said network client. 

Ji discloses the method, further comprising providing said response from said 
network server to said network client (col. 3, lines 35-65) 

Accordingly, it would have been obvious to one of ordinary skill in the art at the 
time of the invention to modify Kuo to incorporate the method, further comprising 
providing said response from said network server to said network client in view of the 
teachings of Ji since the claimed invention is merely a combination of old and known 
elements and in the combination each element would have performed the same 
function as it did separately, and one of ordinary skill in that art would have recognized 
that the results of the combination were predictable. 

21 . As per claim 56 , Kuo further discloses the method of claim 5, wherein said 
programming language comprises javascript (col. 1, lines 55-65). 



22. As per claim 58 . Kuo further disclose the method wherein said editing comprises 
converting a script format character to another character (see claim 12). 
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23. As per claim 59 , Kuo further discloses the method wherein said removing 
comprises removing a script format character (col. 2, lines 25-40; see col. 5, lines 20- 
40) 



24. Claims 11-12, are rejected under 35 U.S.C. 1 03(a) as being unpatentable over 
Kuo et al (hereinafter "Kuo"), US Patent No. 6,230,288 B1 in view of Ji, US Patent No. 
6,272,641 B1 and further in view of Guheen et al (hereinafter "Guheen") U.S. Patent No. 
6,473,794 B1 . 



25. As per claim 11 , both Kuo and Ji failed to explicitly disclose the method, wherein 
said protection of the network server is accomplished during an electronic purchase 
transaction. 

Guheen further discloses the method, wherein said protection of the network 
server is accomplished during an electronic purchase transaction (column 251, lines 34- 
36). 

Accordingly, it would have been obvious to one of ordinary skill in the art at the 
time of the invention to modify Kuo to incorporate the method, wherein said protection of 
the network server is accomplished during an electronic purchase transaction in view of 
the teachings of Guheen since the claimed invention is merely a combination of old and 
known elements and in the combination each element would have performed the same 
function as it did separately, and one of ordinary skill in that art would have recognized 
that the results of the combination were predictable. 
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26. As per claim 12 , both Kuo and Ji failed to explicitly disclose the method wherein 
the electronic purchase transaction is conducted using a digital wallet 

Guheen further discloses the method, wherein the electronic purchase 
transaction is conducted using a digital wallet (column 17, java wallet; column 261, lines 
30-53). 

Accordingly, it would have been obvious to one of ordinary skill in the art at the 
time of the invention to modify Kuo to incorporate the method, wherein the electronic 
purchase transaction is conducted using a digital wallet in view of the teachings of 
Guheen since the claimed invention is merely a combination of old and known elements 
and in the combination each element would have performed the same function as it did 
separately, and one of ordinary skill in that art would have recognized that the results of 
the combination were predictable. 



Conclusion 

27. Applicant's amendment necessitated the new ground(s) of rejection presented in 
this Office action. Accordingly, THIS ACTION IS MADE FINAL. See M PEP 
§ 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 
CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
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TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1 .136(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the date of this final action. 

Examiner's Note: Examiner has cited particular columns and line numbers in 
the references as applied to the claims below for the convenience of the applicant. 
Although the specified citations are representative of the teachings in the art ad are 
applied to the specific limitations within the individual claim, other passages and figures 
may apply as well. It is respectfully requested that the applicant, in preparing the 
responses, fully consider the references in entirety as potentially teaching all or part of 
the claimed invention, as well as the context of the passage as taught by the prior art or 
disclosed by the examiner. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Charles C.L. Agwumezie whose number is (571) 272- 
6838. The examiner can normally be reached on Monday - Friday 8:00 am - 5:00 pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Calvin Hewitt can be reached on (571) 272 - 6709. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for published 
applications may be obtained from either Private PAIR or Public PAIR. Status 
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information for unpublished applications is available through Private PAIR only. For 
more information about the PAIR system, see http://pair-direct.uspto.gov . Should you 
have questions on access to the Private PAIR system, contact the Electronic Business 
Center (EBC) at 866-217-9197 (toll free). If you would like assistance from a USPTO 
Customer Service Representative or access to the automated information system, call 
800-786-9199 (IN USA OR CANADA) or 571-272-1000. 

/Charlie C Agwumezie/ 
Primary Examiner, Art Unit 3685 
June 5, 2009 



